ng-token-auth no access control

1
votes

I'm building an Ionic App using ng-token-auth with a rails API with devise-token-auth.

I just implemented the registration part following the docs

https://github.com/lynndylanhurley/ng-token-auth#authsubmitregistration

after the user is registered and the mail is confirmed, a cookie with the auth headers 'access-token', 'token-type', 'client', 'expiry' and 'uid' is created.

The problem is that after this point I get the error 

 XMLHttpRequest cannot load http://127.0.0.1:8000/api/auth/validate_token. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access. The response had HTTP status code 500.

I followed the docs for devise-token-auth and used the rack-cors gem.

Could you help me to get this working?

thanks :)

edit

This is the config for rack-cors

##config/application.rb
...
config.middleware.use Rack::Cors do
  allow do
    origins '*'
    resource '*',
    :headers => :any,
    :expose  => ['access-token', 'expiry', 'token-type', 'uid', 'client'],
    :methods => [:get, :post, :options, :delete, :put, :patch]
  end
end

And this is the config for the routes

##config/routes.rb
Rails.application.routes.draw do
  namespace :api do
    mount_devise_token_auth_for 'Usuario', at: '/auth'
  end

  root 'api/supermercados#index'
end

And these are the details of the error enter image description here

And this is the info of the user registered

<Usuario id: 26,
provider: "email",
uid: "[email protected]",
encrypted_password: "$2a$10$pePdkiqygjPMb/YXxa2bju6hP1nyipNsxtvDfElvo/9...", 
reset_password_token: nil,
reset_password_sent_at: nil,
remember_created_at: nil,
sign_in_count: 0,
current_sign_in_at: nil,
last_sign_in_at: nil,
current_sign_in_ip: nil,
last_sign_in_ip: nil,
confirmation_token: "jzoQEWX2BuqRKrMj4jrz",
confirmed_at: "2015-07-20 16:00:25",
confirmation_sent_at: "2015-07-20 15:59:58",
unconfirmed_email: nil,
name: nil,
nickname: nil,
image: nil,
email: "[email protected]",
tokens: {"KrbAocoH9Y70bMO4PVsoQA"=>{"token"=>"$2a$10$v43f0pHghva8uQAFOZTrE..EV3KbhAKyIBIZeHBti5yj32f.buIxa", "expiry"=>1438617626}},
created_at: "2015-07-20 15:59:58",
updated_at: "2015-07-20 16:00:26">
2
ruby-on-railsangularjsionicaccess-token
if you change 127.0.0.1 to localhost does that make a difference? - paul
You should add the configuration you used w/ rack-cors and then clarify the URL's you're using for server/client so we can see where the problem is. - Sunil D.
Hi @paul, thanks for your help. I changed it to localhost but I still keep getting the same error. - 1087427
Hi @SunilD. I just added the info about cors config and urls, please tell me what else can I do. Thanks - 1087427
I can see the problem please post your PHP code... - MR.Internet

2 Answers

0
votes

AS you mention the error was "No 'Access-Control-Allow-Origin' header is present on the requested resource."

In Many cases this sort of Error Comes from incorrectly defined, wrongly stated or missing of the following Code...

header("Access-Control-Allow-Origin: *"); 
header('Access-Control-Allow-Methods: GET, POST');

Be sure to adapt the above code in ruby, As this is PHP Code.

Let me know if this helps.

0
votes

thanks for your help, I could solve the problem, it was related with routes, I just moved the devise-token-auth routes outside of the api namespace and it worked.

mount_devise_token_auth_for 'Usuario', at: 'api/auth'

I think it is something related with this https://github.com/lynndylanhurley/devise_token_auth/issues/101